by pdimitar 1988 days ago
- Clickbait title: Check.

- Half-admission that the clickbait title might not apply (at the end of the article by mentioning Hanlon's Razor): Check.

- Actual good criticism on "don't roll your own crypto": Check (this is not sarcasm, I liked that part of the article very much).

- Casual mention that the incident is from 7 years ago but implying that today there's a backdoor: Check.

- HN going crazy negative when Telegram is mentioned, as it always happens: Check.

---

I am not shilling for Telegram. I have no reason to. I can switch to Signal with my most important contacts in the space of one hour if I wanted to. I never invested any money in them either. I won't get sad if they get nuked from orbit tomorrow.

But it's really baffling how non-constructive most Telegram HN coverage is, both articles and comments. Sure, they have no bulletproof end-to-end encryption of messages. So, like 99.9% of all apps on all app stores then? Some generic marketing on the homepage using vaguely non-accurate language ("secure chats")? So, again, like 99.9% of the apps that have a page and put marketing lingo on them?

What's so uniquely awful about Telegram?

It's legitimately intriguing how hostile HN gets at the mention of Telegram. There might be some interesting sociological study hidden there somewhere.


> - Half-admission that the clickbait title might not apply (at the end of the article by mentioning Hanlon's Razor): Check.

That it might not apply is already in the title. "backdoor-looking" already explicitly expresses that.

> - HN going crazy negative when Telegram is mentioned, as it always happens: Check.

glass houses...

And nobody here is claiming that Telegram is "uniquely awful", it's just that Telegram is more notable than 99.9% of other apps, in a field (messengers) where privacy is generally looked at more closely and alternatives that are widely considered better in that regard exist, all the while Telegram is widely advertised/recommended as "secure" despite being worse in that regard. On the other hand, this criticism isn't new and is widely known. That's why it's called out a lot, and tbh both (paraphrased) "other unrelated apps have problems too" and (unsourced) "people surely understand that it's just advertising and Telegram's limitations" are really bad defenses.

EDIT: and I suspect Telegram is especially annoying because it's otherwise really good, so if it also solved the security question it'd be a no-brainer recommendation.

> EDIT: and I suspect Telegram is especially annoying because it's otherwise really good, so if it also solved the security question it'd be a no-brainer recommendation.

That would be quite hilarious and paradoxical: to attract so many negative reactions because the app is very good but it doesn't do everything as the tech-savvy crowd expects (in terms of cryptography). But I can see it being the true sentiment. Interesting perspective, thank you for it.

It’s really messed up that people worried about their privacy are switching from WhatsApp (which has e2e enabled so nobody can read your messages) to Telegram (which generally doesn’t). People whose messages were secure are now going to get exposed when there’s a Telegram breach.

> What's so uniquely awful about Telegram?

Telegram puts its users in danger by lying to them. They claim to be a secure, encrypted messenger but do not actually encrypt chats.

Then there’s the backdoor...

>I am not shilling for Telegram

:)

Well, sue them. I don't think all other messengers save for maybe Matrix and Signal are any better.

Even better, make a messenger that does encrypt chats. Make it paid. Prove its end-to-end encryption properties. I'll buy it and advocate for it to my friends and family.

In any case, the constant hate is (a) very tiring and (b) very uncharacteristic for HN.

Why are you so bothered by Telegram receiving some well deserved criticism? It’s weird.

There are lots of posts on HN I don’t care about, but I don’t think I’ve ever had the urge to make comments like yours.

> In any case, the constant hate is (a) very tiring and (b) very uncharacteristic for HN.

There are people who trust their life and liberty on these apps, I don’t think the “hate” towards Telegram is inappropriate at all.

And actually, I think that most of the time the HN community is far too positive about Telegram. Usually I see comments criticizing it get downvoted. Funny, no?

It's only weird if (a) I accept that the criticism is well-deserved, which I don't, and (b) because I want to read educated technical discussions. If I want to read half-baked snark then I can go to Reddit or 9GAG. Place like HN should be better than this.

I see some people linking old articles and cryptography research, and some historic incidents. Good! That's arguing in good faith and I've read those with an interest, and upvoted them. "I don't trust Durov", which many of the HN comments about Telegram boil down to, is just noise. I don't want noise in threads where I want to find objective information. I am doing my part to improve HN by downvoting / flagging comments I see as noise or non-constructive attacks.

> Usually I see comments criticizing it get downvoted. Funny, no?

Filter bubbles then, I suppose. Seems we are both in our own and apparently neither of us is right in their generalization. ¯\_(ツ)_/¯ I can live with that.

You don’t seem to actually respond the criticism, instead you just dismiss it as “half-baked snark” or with “other apps do bad stuff too!”

You complain about the quality of discussion here, but do little to participate in a constructive manner.

Yeah, I definitely got worked up so I partially contributed to the problem. Can't deny the facts.

I already responded to those criticisms elsewhere but here goes: I never expected any messenger to do end-to-end encryption. I am quite aware of how un-ergonomic such a messenger would be, so I know that Telegram does little more than TLS protection of the network socket. And that's fine with me and with millions of others.

But I still don't get why Telegram is the constant target of HN. Why not WhatsApp? Viber? Or literally every other messenger? I challenge you to find threads that brutal and that full of flagged comments which don't pertain to Telegram. As said above, we both live in our own bubble, but all WhatsApp threads I've seen lately only aim at the user's data privacy and almost nobody ever mentions that their "encryption" is also a glorified TLS and their claims for end-to-end encryption are very likely dubious and a pure PR stunt.

Admittedly some of the responses earlier -- which were very unconstructive -- got to me.

A back door means losing trust forever. It doesn't matter if it was 7 years ago.

If it was indeed a backdoor, sure, but that's a judgment call, not something anyone knows. As others have noted, e2e was a novelty at the time, not a norm, and the platform itself was extremely new (less than a year old), and their stated reason for this was to protect against weak client RNG, which in retrospect sounds like a weak reason. But looking back at the news of 2013, this was right around the time the Snowden leaks caused everyone to believe RDRAND could indeed be compromised, so "client having state-compromised RNG" was indeed something on everyone's mind.

Further, the fact that this was caught so quickly is in some sense a vindication of Telegram's model - even in its infancy when it had orders of magnitude fewer users, the fact that the client was open source allowed someone to quickly spot a vulnerability.

The verdict? IMO Telegram secret chats are probably secure (90% certain), but if I were plotting a murder or something, I wouldn't do it over a smartphone app anyway. There's just too many leaky, complex layers in the stack, some of which aren't even open, and quite dubiously so. If security is a life-or-death situation for you, you'd be a fool to use any smartphone app.

>If it was indeed a backdoor, sure, but that's a judgment call, not something anyone knows. As others have noted, e2e was a novelty at the time, not a norm, and the platform itself was extremely new (less than a year old), and their stated reason for this was to protect against weak client RNG, which in retrospect sounds like a weak reason, but looking back at the news of 2013, this was right around the time the Snowden leaks caused everyone to believe RDRAND could indeed be compromised, so "client having state-compromised RNG" was indeed something on everyone's mind.

Everything you said here was addressed by the OP. The connection to telegram servers is already encrypted, the only adversary this server-side RNG could possibly defend against is one that has access to the server.
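The two comments above disagree about what a server-contributed random value in a secret-chat key exchange can and cannot protect against. The toy model below is an added illustration of that argument; it is not code from any comment in this thread and not Telegram's MTProto protocol. The DH group (the Mersenne prime 2**127 - 1 with base 5), the "hash the DH secret, XOR in a 32-byte server nonce" mixing rule, the 16-bit "weak client RNG", and the two adversary views are all assumptions made for the demonstration.

```python
"""Toy model of a server-supplied nonce mixed into an end-to-end DH key.

Constructed example: the group, the key-mixing rule and the adversary views
are assumptions for illustration, not Telegram's MTProto secret-chat protocol.
"""
import hashlib
import secrets

# Assumed toy group: P = 2**127 - 1 is prime (a Mersenne prime), G is an
# arbitrary base.  Far too small for real use; fine for showing the logic.
P = 2**127 - 1
G = 5
WEAK_BITS = 16  # a broken client RNG that only ever has 16 bits of entropy


def weak_private_key() -> int:
    """Models a compromised or buggy client RNG: tiny search space."""
    return 1 + secrets.randbelow(2**WEAK_BITS - 1)


def good_private_key() -> int:
    """Models a healthy client RNG: exponent drawn from the whole group."""
    return 2 + secrets.randbelow(P - 3)


def mix_key(shared_secret: int, server_nonce: bytes) -> bytes:
    """Assumed mixing rule: SHA-256 of the DH secret XORed with a 32-byte
    nonce chosen by the server.  Only the idea (server adds randomness)
    comes from the thread; this construction is ours."""
    digest = hashlib.sha256(shared_secret.to_bytes(16, "big")).digest()
    return bytes(x ^ y for x, y in zip(digest, server_nonce))


def run_exchange(alice_keygen):
    """Alice <-> Bob DH exchange relayed by a server that also hands both
    sides a nonce.  Returns the public values, the nonce, the DH secret
    and the final key so the attacks below can be checked against them."""
    a, b = alice_keygen(), good_private_key()
    ga, gb = pow(G, a, P), pow(G, b, P)
    nonce = secrets.token_bytes(32)    # server-side randomness
    shared = pow(gb, a, P)             # Alice's view; equals pow(ga, b, P)
    assert shared == pow(ga, b, P)
    return ga, gb, nonce, shared, mix_key(shared, nonce)


def brute_force_weak_exponent(ga: int) -> int:
    """Recover a private exponent that came from a WEAK_BITS-sized space."""
    for cand in range(1, 2**WEAK_BITS):
        if pow(G, cand, P) == ga:
            return cand
    raise ValueError("exponent not in the weak range")


def server_side_attack(ga: int, gb: int, nonce: bytes) -> bytes:
    """The server relays g^a and g^b and generated the nonce itself,
    so the nonce hides nothing from it: weak client RNG -> full key."""
    a = brute_force_weak_exponent(ga)
    return mix_key(pow(gb, a, P), nonce)


def outsider_attack(ga: int, gb: int) -> int:
    """An outsider who somehow learned g^a and g^b but not the nonce (it
    travelled inside the encrypted client-server transport) recovers the
    DH secret, but cannot finish the key without the nonce."""
    a = brute_force_weak_exponent(ga)
    return pow(gb, a, P)


def demo() -> dict:
    ga, gb, nonce, shared, key = run_exchange(weak_private_key)
    results = {
        "server_recovers_key": server_side_attack(ga, gb, nonce) == key,
        "outsider_recovers_dh_secret": outsider_attack(ga, gb) == shared,
    }
    # The actual fix is a sound client RNG: the same server-side attacker
    # then has nothing to brute-force.
    ga, gb, nonce, shared, key = run_exchange(good_private_key)
    try:
        server_side_attack(ga, gb, nonce)
        results["good_rng_still_breakable"] = True
    except ValueError:
        results["good_rng_still_breakable"] = False
    return results


if __name__ == "__main__":
    print(demo())
```

Running `demo()` shows the point both commenters are circling: the only party the nonce hides nothing from is the server that generated it, so against a server-side adversary the nonce buys nothing, while an outsider is already kept away from the nonce by the client-server transport encryption. Fixing the client RNG is what actually closes the hole.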

So maybe they just made the same mistake I did?

I believe that most of this non-constructive hate is coming from the unconscious part of the mind and specifically from an "us versus them" mentality. Telegram obviously belongs to "them" for the vast majority of people in the West, resulting in a negative attitude by default. Moreover, it's socially acceptable among "us" and is encouraged to display negative feelings toward "them"-related things, resulting in what we all can see.

I like Telegram. In my (subjective) view it has the best UX of all messengers. It also has APIs, which should be a big plus on here, and at least till now they are not doing censorship to my knowledge. What might be problematic is that it is generally received as the "rebellish" alternative to WhatsApp etc. and people tend to think that it is more secure and has better encryption. Another pro-Telegram point would be that they at least don't have as big an incentive as FB to capitalise on their users' data.

What saddens me is that Signal seems to be the go to alternative. Which is obviously more secure but still centralised and has a terrible UX (e.g. drains the battery of my laptop very fast when I tried it the last time). Why not directly go for Matrix / Element.io for a secure and decentralised (like eMail) approach? Do you really want to upload your contacts?

I view it as marketing trade-offs. Deep in a sub-thread another poster pointed out that they rely on SIM identification which can be spoofed, for example. But IMO somebody had to make the call for the right balance between ergonomics and security.

I quite like Telegram as well but I am under no illusions that it's bulletproof in terms of protecting my chats. I still think it protects them better than WhatsApp though, by the mere virtue of not being hosted in the USA where you can be ordered to give away an unencrypted dump of your database and keep silent about it until your grave.

> Deep in a sub-thread another poster pointed out that they rely on SIM identification which can be spoofed, for example.

You missed the point, again. Not only does Telegram rely on your phone number to identify you, but unlike the competition it’ll happily send out your past conversation history to anyone who manages to take control of your phone number.

Actual encrypted messengers can’t do this.

>hosted in the USA

You think the UAE is better? I live here, it’s not. If the US government wants access to telegram conversation logs, the UAE government will happily retrieve them.

> Not only does Telegram rely on your phone number to identify you, but unlike the competition it’ll happily send out your past conversation history to anyone who manages to take control of your phone number.

Many, myself included, are aware of this. I prefer it because if I get a newer iPhone tomorrow I still want all of my conversations and all history to be there. I question how many people can do a SIM takeover. No, it's not "everyone". Very few will actually do it and it seems it was a marketing tradeoff. Quite a normal practice and Telegram is not an outlier in this case.

> You think the UAE is better? I live here, it’s not. If the US government wants access to telegram conversation logs, the UAE government will happily retrieve them.

Sigh. Suspected, but never knew for sure. Thanks for letting me know. Now "all" that remains is for somebody to both incorporate end-to-end encrypted chats and allow synchronization of history between devices without a central server, in a single app, I suppose. But Telegram isn't that app and I am aware and okay with it.

Telegram has an option to add an additional password to your account precisely for that reason.

Why does Telegram make all important security features opt-in?

Ergonomics. The HN crowd is really quick to forget that many users have no patience to set up several passwords and/or keys after installing an app.

You and I discussed quite a bit already and we can't agree on many things -- but I can still see where Telegram's team is coming from in their security decisions. A balance between ergonomics and security has to be struck if you want wide adoption.

We likely both abhor how quick and easy it is for many users to just say "yeah, sure, get access to my contacts so I don't have to re-add my people one by one" -- I feel that this practice is responsible for trillions of personal data points sitting out there in warehouses waiting to be used for advertising profiling, but what can we do? Seems that this is what the people want.

Having stricter -- and thus non-ergonomic in terms of UX -- security as an opt-in is apparently the best we can do in this age. By "we" I mean "all programmers and corporations".

Before you say it: I used Matrix and Riot/Elements for several months. The app itself is hopelessly behind in basically everything: it's not responsive even on a very modern Linux laptop, it often hides messages (and shows them up again a few minutes later after the app somehow force-refreshes its UI by itself), synchronization of chats when logging in from a new device was almost non-existent and took minutes to recover a channel with like 30 messages (although I heard they are working on this)... Even notifications would fire 9 out of 10 times and I had to make it a habit to check the client every 10-15 minutes or so (since it was a work chat).

Very far from convenient. Not to mention part of the time non-functional.

Telegram makes security trade-offs, I have no doubts about it. But it's a damn good app in almost all regards -- and me and many others can forgive their lack of to-the-letter end-to-end encryption implementation.

If there's an app with such a good UX and polish like Telegram that also does end-to-end encryption and doesn't drown you in GPG-like keys and passwords management minutiae, I'll gladly switch tomorrow.

> by the mere virtue of not being hosted in the USA

I don't know where Telegram is hosted, but whenever I fire up the desktop app there is always at least a Google DNS request, sometimes some additional connections to Google hosts. It certainly does seem to partially rely on the USA.

The point was about where is the data hosted.

The answer is that it's distributed, so you would need court orders in an insane amount of countries to get any decrypted data from telegram

This is hilariously out of touch. If the Telegram team is based out of the UAE, then the UAE government can easily force them to hand over data even if it’s stored on foreign servers.

Fair point, thank you.